Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
zuka
New Contributor

The Fortinet vpn ssl is unstable

Hi, we have two Fortigate 300E in HA with Firmware versión 6.2.2. This solution was implemented 4 moths ago. Since that date we have been looking for and testing different solutions to solve the disconnections of the SSL VPN, in some cases it is disconnected and in most cases the problem is that sensitive applications fall after a few minutes, applications such as RDP, SAP include other services like file server service.

We currently have a case with Fortinet support, but two months have gone by without any progress.

Anyone else had similar problems with the SSL VPN? Could you solve it in any way? I have read that some opted for IPSEC for this reason.

We have tested the different versions of Forticlient starting with 6.0 and finally the FortiClient VPN 6.2.0 free.

We also tried to modify the MTU with different values ​​in the affected rules, we added the line "set preserve-session-route" so that the sessions are not affected by the changes of routes, try disabled dtls, and change connection with other ISPs. Finally the Fortiner Support recommended me to update the firmware of the fortigate., but the latter didn't work either. Also we tested disable dtls

I really appreciate if you can help me or tell me about your experiences with Fortinet SSL VPN. Regards

8 REPLIES 8
HFMXI
New Contributor

We have the same issue for about as long as well.   Our SSLVPN drops regularly and nobody has been able to help.  Curious how many of these are common between us:

 

[ul]
  • I typically drop within 5 minutes of a session, but sometimes I get a good run of a few hours.  It's always most common after a reboot to drop more quickly. 
  • We originally implemented din May 2019 so have been dealing with this problem for 5 months or so.  Originally we were on 6.2, rolled back to 6.x, and we are back on 6.2.2
  • Migrated from Cisco AnyConnect of which we had no problem -- it was really rock solid for us
  • Primarily Windows 10 Surface devices connecting but have seen the problem on some Dell devices as well. The first time we had any FortiClient install on our systems was May 2019.  We've tried various FortiClient versions in the 6.x line. 
  • At this point, we are leaning on some sort of mystery configuration on our Windows 10 devices themselves but really have come up empty after months of troubleshooting.  [/ul]
  • nsandone
    New Contributor

    I am experiencing the same issue with for a client.   The issue is very inconsistent.   Some users have no issues at all.  Other experience it randomly.   I have a ticket with Fortinet support open and have it escalated to the highest level.   Sniffer traces, debugs on the firewall, process monitor on the workstation.  Nothing clear is showing a reason for this.   We see the issue with FortiOS 6.0.5 thru 6.2.2.  FortiClient 6.0.5 thru 6.2.2.     

    zuka
    New Contributor

    We have opened a case in Fortinet support for more than two months and it is scaled, they say the issue is in development, but time passes and the solution does not arrive. Regards.

    bbilut
    New Contributor III

    I was running 6.0.5 and I had some people complaining about similar frequent disconnects. I recently upgraded to 6.0.7 and I noticed this in the list of things fixed in 6.0.7. I have not been running it long enough to notice if things are better.

     

    575259

    SSL VPN connection is being dropped intermittently.

     

     

    zuka
    New Contributor

    This bug id also was published in the list of "resolved issues" in the version 6.2.2:   https://docs.fortinet.com/document/fortigate/6.2.2/fortios-release-notes/289806/resolved-issues   But nothing is resolved.

    carlosfd
    New Contributor

    Hi all,

     

    Are any of you now running FortiClient 6.4.0 and have your problems disappeared with this release? Seeing similar instability or "sensitivity" issues that weren't apparent when using AnyConnect using FortiClient 6.0.9 and wondering whether an upgrade to 6.4.0 may have solved the problem for others.

     

    Thanks!

    JMITTECH

    Hi Guys, 

     

    I am also wondering if this issue has been resolved. We are wanting to upgrade the firmware on your Forti but have heard the VPN SSL becomes extremely unusable, and we rely heavily on it at the moment. 

     

    I have been reading the previous posts and I see that Forti are not prioritising the fix for this issue. Does anyone have any idea when a fix will be available for this?

    zuka
    New Contributor

    Hi Guys, In my case, after the updating to version v6.2.3 build1066 in Fortigate , i didn't have problems with de VPN SSL. All the cases that currently have instability is because they have problems with our internet conection, the rest of the users work without problems. We have studied each case. Regards. 

    Labels
    Top Kudoed Authors